package org.duang.handles;

import java.util.HashSet;
import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.duang.common.exceptios.ServiceException;
import org.duang.kit.ToolsKit;

public class TokenHandle implements IHandle {
	
	private String tokenid ;
	private Set<String> filterValidationUriSet = new HashSet<String>();
	
	public TokenHandle() {
		
	}

	public TokenHandle(String tokenIdKey, Set<String> filterValidationUriSet) {
		this.tokenid = tokenIdKey;
		this.filterValidationUriSet.addAll(filterValidationUriSet);
	}
	
	@Override
	public void execute(String target, HttpServletRequest request, HttpServletResponse response) throws Exception {
		if (!ToolsKit.isSecurityUrl(target)) {
			throw new ServiceException().setCode(403).setMessage("拒绝访问！");
		}
		String tokenId =  getTokenIdValue(request);
		//TODO... TokendId业务逻辑判断
		
		
	}
	
	
	private String getTokenIdValue(HttpServletRequest request) {
		String tokenId = request.getParameter(tokenid);
		if(ToolsKit.isEmpty(tokenId)) 
			tokenId = (String)request.getAttribute(tokenid);
		if(ToolsKit.isEmpty(tokenId)){
			throw new ServiceException().setCode(5).setMessage("AccessTokenId不存在！");
		}
		return tokenId;
	}

}
